Fw: HTB - Really Big problem

[<mjoachimiak@xxxxxxxxxxxxxx>]

 

----- Original Message -----

From: Michał Joachimiak

To: lartc@xxxxxxxxxxxxxxx

Sent: Tuesday, July 20, 2004 3:45 PM

Subject: HTB - Really Big problem

Hello everybody!

Since week i dig lists and www and can't find solution for my problem.

I'm using HTB 3.13 kernel 2-4-25 smp iptables 1.2.9.

I've got situation like this:

 

LAN------Linux Box(routing only)------- Linux Box (HTB)--------------Hardware Router(say:HD)------Internet

When I start HTB it takes about 5 min. to start working and it works...

within this 5min starting i can't ping HD and after about 5min I start pinging. It works like this for cuple of hours, then something strange is happening. Ping stops, www doesn't work but radio (36kbps) works. There is no ping at all for about 1min and it starts pinging for about 2-3min and it stops for 1-2min and so on.....

When I stop HTB ping starts. It's look like HTB is filled to much(sorry for my english :/)

All my children classes rate doesn't exceeds root classes. I have 50 classes on 900kbit-10kbit(for default class) - downstream and 800-10kbit(for default)  up.

I shape bandwidth matching ip. r2q is set to 1 . no erros during doing shape script.

I'm attaching this script

in ip1 ip2 and so on are  files where are written ip's for C classes.

 

I'm including my script.

---------------------------------------------------cut here -----------------------------------------------------------------------------------

#!/bin/bash
#x=$[100/20]
#echo "$1" > /skrytpy/status
rxmax=900 #WAN max transfer -down (physically it is 960kbit/960kbit)
kbit=kbit
rxmaxluser=250
txmax=800 #WAN max transfer - up
txmaxluser=100
#counting users
# ip1 file is like this:
# 11 #Somebody
# 23 #Somebody II
#EOF
licznik=0
for   x in $(awk '{ print $1 }' /skrytpy/ip1); do
licznik=$[$licznik+1]
done
for   x in $(awk '{ print $1 }' /skrytpy/ip2); do
licznik=$[$licznik+1]
done
for   x in $(awk '{ print $1 }' /skrytpy/ip3); do
licznik=$[$licznik+1]
done
for   x in $(awk '{ print $1 }' /skrytpy/ip128); do
licznik=$[$licznik+1]
done
for   x in $(awk '{ print $1 }' /skrytpy/ip4); do
licznik=$[$licznik+1]
done
for   x in $(awk '{ print $1 }' /skrytpy/ipzew); do
licznik=$[$licznik+1]
done
for   x in $(awk '{ print $1 }' /skrytpy/ip6); do
licznik=$[$licznik+1]
done

 

#Server
licznik=$[$licznik+1]
#plus router
licznik=$[$licznik+1]

 

echo number of users to $licznik
#counting rate
rx1=$[$rxmax-10]
tx1=$[$txmax-10] # dla klasy domyslnej
rxmin=$[$rx1/$licznik]
txmin=$[$tx1/$licznik]
echo rx $rxmin tx $txmin
#echo $rxmin
#root classes
#rx
tc qdisc del root dev eth1
tc qdisc add dev eth1 root handle 1:0 htb r2q 1 default 2
tc class add dev eth1 parent 1:0 classid 1:1 htb rate $rxmax$kbit ceil $rxmax$kbit
#tx
tc qdisc del root dev eth0
tc qdisc add dev eth0 root handle 2:0 htb r2q 1 default 4
tc class add dev eth0 parent 2:0 classid 2:1 htb rate $txmax$kbit ceil $txmax$kbit
#r="$rxmax$kbit"
#default classes
#rx
tc class add dev eth1 parent 1:1 classid 1:2 htb rate 10kbit ceil 10kbit
#tx
tc class add dev eth0 parent 2:1 classid 2:4 htb rate 10kbit ceil 10kbit
#siec 1.0
siec=1
for ip in $(awk '{ print $1 }' /skrytpy/ip1); do
echo -n "$ip "
#rx
tc class add dev eth1 parent 1:1 classid 1:$ip htb rate $rxmin$kbit ceil $rxmaxluser$kbit
tc filter add dev eth1 protocol ip parent 1:0 u32 match ip dst 192.168.$siec.$ip flowid 1:$ip
tc qdisc add dev eth1 parent 1:$ip handle $ip:0 sfq perturb 10
#tx
#marking packets
iptables -t mangle -A MYSHAPER-OUT -p tcp -s 192.168.$siec.$ip -j MARK --set-mark $ip
#tc
tc class add dev eth0 parent 2:1 classid 2:$ip htb rate $txmin$kbit ceil $txmaxluser$kbit
#filtering by mark
tc filter add dev eth0 protocol ip preference 1 parent 2:0 handle $ip fw flowid 2:$ip
tc qdisc add dev eth0 parent 2:$ip handle $ip:1 sfq perturb 10
done
echo ""
#siec 2.0
siec=2
for ip in $(awk '{ print $1 }' /skrytpy/ip2); do
echo -n "$ip "
tc class add dev eth1 parent 1:1 classid 1:$ip htb rate $rxmin$kbit ceil $rxmaxluser$kbit
tc filter add dev eth1 protocol ip parent 1:0 u32 match ip dst 192.168.$siec.$ip flowid 1:$ip
tc qdisc add dev eth1 parent 1:$ip handle $ip:0 sfq perturb 10
#mark
iptables -t mangle -A MYSHAPER-OUT -p tcp -s 192.168.$siec.$ip -j MARK --set-mark $ip
#tc
tc class add dev eth0 parent 2:1 classid 2:$ip htb rate $txmin$kbit ceil $txmaxluser$kbit
tc qdisc add dev eth0 parent 2:$ip handle $ip:1 sfq perturb 10
#filtrowanie po marku
tc filter add dev eth0 protocol ip preference 1 parent 2:0 handle $ip fw flowid 2:$ip
done
#siec 3.0
siec=3
echo " "
for ip in $(awk '{ print $1 }' /skrytpy/ip3); do
echo -n "$ip "
tc class add dev eth1 parent 1:1 classid 1:$ip htb rate $rxmin$kbit ceil 128kbit
tc filter add dev eth1 protocol ip parent 1:0 u32 match ip dst 192.168.$siec.$ip flowid 1:$ip
tc qdisc add dev eth1 parent 1:$ip handle $ip:0 sfq perturb 10
#mark
iptables -t mangle -A MYSHAPER-OUT -p tcp -s 192.168.$siec.$ip -j MARK --set-mark $ip
#tc
tc class add dev eth0 parent 2:1 classid 2:$ip htb rate $txmin$kbit ceil 64kbit
tc qdisc add dev eth0 parent 2:$ip handle $ip:1 sfq perturb 10
#filtrowanie po marku
tc filter add dev eth0 protocol ip preference 1 parent 2:0 handle $ip fw flowid 2:$ip
done
echo " "
#Siec 4
siec=4
for ip in $(awk '{ print $1 }' /skrytpy/ip4); do
echo -n "$ip "
tc class add dev eth1 parent 1:1 classid 1:$ip htb rate $rxmin$kbit ceil 128kbit
tc filter add dev eth1 protocol ip parent 1:0 u32 match ip dst 192.168.$siec.$ip flowid 1:$ip
tc qdisc add dev eth1 parent 1:$ip handle $ip:0 sfq perturb 10
#mark
iptables -t mangle -A MYSHAPER-OUT -p tcp -s 192.168.$siec.$ip -j MARK --set-mark $ip
#tc
tc class add dev eth0 parent 2:1 classid 2:$ip htb rate $txmin$kbit ceil 64kbit
tc qdisc add dev eth0 parent 2:$ip handle $ip:1 sfq perturb 10
#filtrowanie po marku
tc filter add dev eth0 protocol ip preference 1 parent 2:0 handle $ip fw flowid 2:$ip
done
echo " "
#walas
siec=6
for ip in $(awk '{ print $1 }' /skrytpy/ip6); do
echo -n "$ip "
tc class add dev eth1 parent 1:1 classid 1:$ip htb rate $rxmin$kbit ceil 128kbit
tc filter add dev eth1 protocol ip parent 1:0 u32 match ip dst 192.168.$siec.$ip flowid 1:$ip
tc qdisc add dev eth1 parent 1:$ip handle $ip:0 sfq perturb 10
#mark
iptables -t mangle -A MYSHAPER-OUT -p tcp -s 192.168.$siec.$ip -j MARK --set-mark $ip
#tc
tc class add dev eth0 parent 2:1 classid 2:$ip htb rate $txmin$kbit ceil 64kbit
tc qdisc add dev eth0 parent 2:$ip handle $ip:1 sfq perturb 10
#filtrowanie po marku
tc filter add dev eth0 protocol ip preference 1 parent 2:0 handle $ip fw flowid 2:$ip
done
echo " "

 

#Siec ip zewnetrznych
siec=62.87.193
for ip in $(awk '{ print $1 }' /skrytpy/ipzew); do
echo -n "$ip "
tc class add dev eth1 parent 1:1 classid 1:$ip htb rate $rxmin$kbit ceil $rxmaxluser$kbit
tc filter add dev eth1 protocol ip parent 1:0 u32 match ip dst $siec.$ip flowid 1:$ip
tc qdisc add dev eth1 parent 1:$ip handle $ip:0 sfq perturb 10
#mark
iptables -t mangle -A MYSHAPER-OUT -p tcp -s $siec.$ip -j MARK --set-mark $ip
#tc
tc class add dev eth0 parent 2:1 classid 2:$ip htb rate $txmin$kbit ceil $txmaxluser$kbit
tc qdisc add dev eth0 parent 2:$ip handle $ip:1 sfq perturb 10
#filtrowanie po marku
tc filter add dev eth0 protocol ip preference 1 parent 2:0 handle $ip fw flowid 2:$ip
done
echo " "

 

#Wyjatki z ip128
siec=1
ip=54
echo $ip
tc class add dev eth1 parent 1:1 classid 1:$ip htb rate $rxmin$kbit ceil 64kbit
tc filter add dev eth1 protocol ip parent 1:0 u32 match ip dst 192.168.$siec.$ip flowid 1:$ip
tc qdisc add dev eth1 parent 1:$ip handle $ip:0 sfq perturb 10
iptables -t mangle -A MYSHAPER-OUT -p tcp -s 192.168.$siec.$ip -j MARK --set-mark $ip
#tc
tc class add dev eth0 parent 2:1 classid 2:$ip htb rate $txmin$kbit ceil 20kbit
tc qdisc add dev eth0 parent 2:$ip handle $ip:1 sfq perturb 10
#filtrowanie po marku
tc filter add dev eth0 protocol ip preference 1 parent 2:0 handle $ip fw flowid 2:$ip

 

siec=2
ip=53
echo $ip
tc class add dev eth1 parent 1:1 classid 1:$ip htb rate $rxmin$kbit ceil 128kbit
tc filter add dev eth1 protocol ip parent 1:0 u32 match ip dst 192.168.$siec.$ip flowid 1:$ip
tc qdisc add dev eth1 parent 1:$ip handle $ip:0 sfq perturb 10
#tx
iptables -t mangle -A MYSHAPER-OUT -p tcp -s 192.168.$siec.$ip -j MARK --set-mark $ip
#tc
tc class add dev eth0 parent 2:1 classid 2:$ip htb rate $txmin$kbit ceil 64kbit
tc qdisc add dev eth0 parent 2:$ip handle $ip:1 sfq perturb 10
#filtrowanie po marku
tc filter add dev eth0 protocol ip preference 1 parent 2:0 handle $ip fw flowid 2:$ip

 

siec=4
ip=138
echo $ip
tc class add dev eth1 parent 1:1 classid 1:$ip htb rate $rxmin$kbit ceil 400kbit
tc filter add dev eth1 protocol ip parent 1:0 u32 match ip dst 62.87.193.$ip flowid 1:$ip
tc qdisc add dev eth1 parent 1:$ip handle $ip:0 sfq perturb 10
#tx
iptables -t mangle -A MYSHAPER-OUT -p tcp -s 62.87.193.$ip -j MARK --set-mark $ip
#tc
tc class add dev eth0 parent 2:1 classid 2:$ip htb rate $txmin$kbit ceil 256kbit
tc qdisc add dev eth0 parent 2:$ip handle $ip:1 sfq perturb 10
#filtrowanie po marku
tc filter add dev eth0 protocol ip preference 1 parent 2:0 handle $ip fw flowid 2:$ip

 

#Serwer
siec=5
ip=3
echo "5.2/3" #nadle x:3 because x:3 are saved for default classess
tc class add dev eth1 parent 1:1 classid 1:$ip htb rate $rxmin$kbit ceil 200kbit
tc filter add dev eth1 protocol ip parent 1:0 u32 match ip dst 192.168.5.2 flowid 1:$ip
tc qdisc add dev eth1 parent 1:$ip handle $ip:0 sfq perturb 10
#tx
iptables -t mangle -A MYSHAPER-OUT -p tcp -s 192.168.5.2 -j MARK --set-mark $ip
tc class add dev eth0 parent 2:1 classid 2:$ip htb rate $txmin$kbit ceil 256kbit
tc qdisc add dev eth0 parent 2:$ip handle $ip:1 sfq perturb 10
#filtrowanie po marku
tc filter add dev eth0 protocol ip preference 1 parent 2:0 handle $ip fw flowid 2:$ip
--------------------------------------------------------------------cut here ------------------------------------------------------------------

 

Please help - I have no idea why it's not works.